The internet has grown in popularity enormously over the last 10 years. In addition to the entertainment and information aspect, commercial activity on the internet has grown rapidly over the same period. Commercial activity on the internet usually involves a transaction for buying or selling goods and/or services. Such a transaction often involves transfer of money and/or sensitive personal information in order to consummate the transaction, e.g., passwords, bank account numbers, etc. Due to such exchange of money and/or sensitive personal information, the internet presents a lucrative opportunity for criminals who may defraud people of their money and/or sensitive information while remaining largely anonymous and, in many cases, invisible to the users. As a result, instances of fraud associated with such transactions are also increasing. For instance, identity theft is one of the fastest growing criminal activities in the on-line world. Moreover, such criminal activities are not limited to the internet, but are equally prevalent in other methods of communication that involve a computer network, e.g., a secured network between a bank and a user. Two of the commonly employed techniques to monitor and intercept communications between two users are Phishing and Man-in-the-Middle (MITM).
Phishing involves the process of attempting to acquire sensitive information such as usernames, passwords, credit card details, or the like, by masquerading as a trustworthy entity. In a Phishing attack, a user is directed to a “fake” website whose look and feel are almost identical to the legitimate website that the user believes he/she is accessing. When an unsuspecting user enters his/her personal information on such a “fake” website, that information is misappropriated and later used for conducting criminal activity, e.g., making unauthorized purchases using the user's credit card, stealing the user's identity, or the like. Phishing may be carried out using e-mail, instant messaging, or other non-real-time communication modes.
MITM is a form of active eavesdropping in which the attacker makes independent connections with the victims, e.g., a user and his bank, and relays messages between them, making both victims believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker. An MITM scheme may involve an attacker positioning himself between the two victims. Both victims are unaware that there is a third entity monitoring and intercepting their communications. The attacker may then substitute his own messages for the ones sent by either victim. Thus, the attacker may gather sensitive information of both victims and may be able to modify a transaction between the two victims to his advantage. For example, an attacker may position himself between a user system and the user's bank system. When the user attempts to conduct a transaction, e.g., transfer money from the user's account to receiver A's account, the attacker may intercept this message and modify it to “transfer from user's account to B's account.” This modified message may be sent to the bank without the user's knowledge, thereby diverting the money to an unauthorized recipient.
A variation of the MITM attack is the Man-In-The-Browser (MITB) attack. In this technique, the attacker resides in the web browser rather than on the network. For example, an MITB may be malware that resides either in the user system or in the host system. The MITB may be functionally similar to an MITM.
Several techniques are currently in use to prevent or reduce such Phishing and MITM attacks. Many of the current solutions may involve hardware, software, or a combination of both. One solution currently in use is referred to as a two-step authentication process. For example, in a transaction involving an ATM card, the user must possess the actual card and is additionally required to enter a PIN in order to proceed with a transaction. A variation of the two-step approach involves the use of an out-of-band confirmation process. In this technique, as a first step, the user initiates a transaction with an entity, e.g., a bank, using a first medium, e.g., the internet, and may provide first authenticating information to the entity, e.g., a password. In the second step, the entity may contact the user over a different communication medium, e.g., the Public Switched Telephone Network (PSTN), and may request second authenticating information, e.g., a birth date. The transaction is allowed to proceed only when both the first and the second authenticating information are verified successfully by the entity. Another technique that may be used in conjunction with the two-step approach described above may involve sending the transaction details to the user and requesting the user to confirm the transaction details. This transaction confirmation may be accomplished using the out-of-band communication method described above or by using the same communication channel being used by the user system and the host system. However, such two-step processes are cumbersome and time consuming. Moreover, they need more resources to implement and hence are cost prohibitive.
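The two-step, out-of-band confirmation flow described above, combined with the transaction-confirmation step, can be modelled in a few dozen lines. The following is an added example, not text or code from the application: the host verifies the first factor received over the first channel, then reads back the transaction details it actually received over a second channel (modelled as a callback standing in for the PSTN call) and proceeds only if the user confirms those details and supplies the second factor. Because the host echoes what it received rather than what the user sent, the A-to-B substitution from the MITM example above is exposed to the user at confirmation time. All user names, account labels and secrets are constructed sample values.

```python
from dataclasses import dataclass
import hmac


@dataclass(frozen=True)
class Transaction:
    """Transaction details as understood by one party (constructed model)."""
    from_account: str
    to_account: str
    amount: int  # whole currency units


class Host:
    """Bank-side logic for the two-step, out-of-band confirmation flow."""

    def __init__(self, credentials):
        # credentials: {user: (password, second_factor)}; constructed sample data
        self._creds = credentials

    @staticmethod
    def _check(stored, supplied):
        # constant-time comparison so the check itself leaks no timing signal
        return hmac.compare_digest(stored.encode(), supplied.encode())

    def process(self, user, password, received_tx, out_of_band):
        """Step 1: verify the first factor received over channel 1.
        Step 2: read the details the host received back to the user over
        channel 2 (out_of_band) and require confirmation plus the second factor.
        out_of_band(details) returns (confirmed, second_factor)."""
        stored_pw, stored_2fa = self._creds.get(user, ("", ""))
        if not self._check(stored_pw, password):
            return "rejected: first factor"
        # The host echoes what *it* received, so a message altered in transit
        # no longer matches what the user intended and the user can refuse it.
        confirmed, second = out_of_band(received_tx)
        if not confirmed:
            return "rejected: user did not confirm details"
        if not self._check(stored_2fa, second):
            return "rejected: second factor"
        return "approved"


def make_user(intended_tx, second_factor):
    """Models the human on the second channel: confirm only if the details
    read back match what they intended to send."""
    def out_of_band(details):
        return (details == intended_tx, second_factor)
    return out_of_band


def run(received_tx, intended_tx):
    """Run one transaction through the flow. received_tx is what arrives at
    the host over channel 1; intended_tx is what the user meant to send."""
    host = Host({"alice": ("pw-constructed", "1970-01-01")})
    return host.process("alice", "pw-constructed", received_tx,
                        make_user(intended_tx, "1970-01-01"))


if __name__ == "__main__":
    intended = Transaction("alice", "A", 100)
    print(run(intended, intended))                         # unmodified: approved
    print(run(Transaction("alice", "B", 100), intended))   # altered in transit: rejected
```

The design point is that the second channel carries the host's view of the transaction, not a bare "confirm yes/no" prompt; a confirmation that omits the details would still be approved by a user who cannot see the substitution.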
Hardware techniques may involve use of devices referred to as smart cards. Smart cards are similar to credit cards but have a microchip embedded in them. The microchip can instantaneously verify the cardholder's identity and any privileges to which the cardholder may be entitled. The cardholder can provide a unique passphrase to generate a one-time password (OTP) to be used for a single transaction. This ensures that even if the password is stolen, it may not be used again. However, smart cards can be physically disassembled by using acid, abrasives, or some other technique to obtain direct, unrestricted access to the microchip. Although such techniques obviously involve a fairly high risk of permanent damage to the microchip, they permit much more detailed information to be extracted. Further, the plastic card in which the microchip is embedded is fairly flexible, and the larger the chip, the higher the probability of breaking. Smart cards are often carried in wallets or pockets, which present a fairly harsh environment for a chip. In addition, hardware solutions like the smart card may not be able to detect data tampering, since smart cards are not equipped to “understand” the data that they are authorizing or exchanging.
Software solutions involve software smart cards that enable multiple levels of authentication. Software smart cards may use a camouflage technique to make it more difficult for a hacker to get access to the information. However, these solutions have limited applicability and require a high level of technical sophistication on the user side and hence may not be practical for widespread implementation. Moreover, the hardware and software solutions described above may not be able to provide the necessary protection, by themselves, against various types of data security threats such as data tampering, MITM, MITB, Phishing, or the like.
One of the recent techniques, called the reverse Turing test, focuses on discerning whether the user on the other end of the network is a computer or a human user. This technique is primarily aimed at preventing automated programs from generating requests and/or deciphering information sent over the network. In order to prevent an automated program, e.g., an MITM, from deciphering information over a network, it may be necessary to secure the communication channel over which information is being exchanged. This may be accomplished by ascertaining that the user on the other end is a human and not another automated device, using the reverse Turing test.
Turing Test
The Turing test was originally employed to test a machine's ability to demonstrate intelligence. A typical implementation of a Turing test may involve a human judge engaging in a natural language conversation with one human and one machine, each of which tries to appear human. All participants are placed in isolated locations. If the judge cannot reliably tell the machine from the human, the machine is said to have passed the test. In order to test the machine's intelligence rather than its ability to render words into audio, the conversation is limited to a text-only channel such as a computer keyboard and screen.
A variation of the Turing test called the Reverse Turing Test is a test wherein a computer system tries to determine whether the user on the other end is a human or another computer. This test is premised on the fact that only a human is able to discern certain information that a computer may not be able to discern. For example, if the user is presented with an image depicting a dog and is asked to submit a textual response to the image, only a human can identify the dog in the graphic and textually respond indicating that he/she sees a dog. A computer, however, lacks the intelligence required to discern the contents of an image and provide a textual response to a question based on the image. Reverse Turing Tests are being increasingly employed in the field of computer security to prevent execution of automated programs which may have a malicious purpose. One such implementation of the reverse Turing test is called Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA). Details about CAPTCHA may be found at http://captcha.net.
Text Reading Test (TRT)
The present application describes an implementation of the reverse Turing test, described above, which is referred to as the Text-Reading Test (TRT). A TRT may be in the form of a visual presentation (image), an audio presentation (a sound clip that can be deciphered only by a human), or an audio-visual presentation. In one embodiment, a TRT may be an image with text embedded in it, hereinafter referred to as a TRT image. Further, the embedded text may be distorted so that it is undecipherable by a computer, but a human reading the text may easily be able to recognize the text in the TRT image. For example, during a communication between a computer system and a user, the computer system may send a TRT image to the user system. The user may be asked to recite back at least a portion of the text or the entire text depicted in the TRT image. If the text recited by the user matches the source text in the TRT image, either exactly or approximately, the computer system may conclude that it is interacting with a human user. Thus a computer system or the like may discern that the user on the other end of the communication channel is a human and not another computer system or an automated device. TRT images may be used to prevent spam email, automated registrations, automated attempts to gain access to secured systems using password variations, or the like. For further information on this topic, see Von Ahn, L., Blum, M., and Langford, J., “Telling Humans and Computers Apart Automatically”, Communications of the ACM, volume 4, issue 2, February 2004, pp. 56-60.
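The server side of the TRT exchange just described (issue a challenge, accept the user's recitation, accept an exact or approximate match) is shown below as an added example; it is not code from the application. The rendering and distortion of the TRT image is assumed to be a separate component and is represented by the placeholder `render_trt_image`, which here only wraps the source text; `TRTService`, `levenshtein` and the alphabet are likewise constructed for the illustration. The approximate-match rule is implemented as an edit-distance threshold, and each challenge is single-use and expires, so a recited answer cannot be replayed against the same challenge.

```python
import secrets
import time

# Characters that are not easily confused with one another when distorted
# (no 0/O, 1/l/i): a constructed choice for this example.
ALPHABET = "abcdefghjkmnpqrstuvwxyz23456789"


def render_trt_image(text: str) -> bytes:
    """Placeholder for the image rendering/distortion step (assumed component).
    A real implementation would return an image; this returns a tagged blob."""
    return b"PNG-placeholder:" + text.encode()


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute), classic dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


class TRTService:
    """Issues TRT challenges and verifies recitations."""

    def __init__(self, length=6, ttl_seconds=120, max_errors=1, clock=time.time):
        self.length = length
        self.ttl = ttl_seconds
        self.max_errors = max_errors   # approximate match tolerance
        self.clock = clock             # injectable for testing
        self._pending = {}             # challenge_id -> (source_text, issued_at)

    def issue(self):
        """Create a challenge; return (challenge_id, image bytes to send)."""
        text = "".join(secrets.choice(ALPHABET) for _ in range(self.length))
        cid = secrets.token_urlsafe(16)
        self._pending[cid] = (text, self.clock())
        return cid, render_trt_image(text)

    def verify(self, cid: str, recited: str) -> bool:
        """True if the recitation matches the source text exactly or within
        max_errors edits. The challenge is consumed on the first attempt,
        matching or not, and refused after ttl_seconds."""
        entry = self._pending.pop(cid, None)   # single use
        if entry is None:
            return False
        source, issued = entry
        if self.clock() - issued > self.ttl:
            return False
        normalised = "".join(recited.split()).lower()   # ignore spacing and case
        return levenshtein(source, normalised) <= self.max_errors


if __name__ == "__main__":
    svc = TRTService()
    cid, image = svc.issue()
    # In a deployment the user reads the image; here we extract the text from
    # the placeholder to simulate a correct recitation.
    answer = image.split(b":", 1)[1].decode()
    print(svc.verify(cid, answer))   # True
    print(svc.verify(cid, answer))   # False: challenge already consumed
```

Consuming the challenge on the first attempt is what stops an automated client from cycling through guesses against one image; the tolerance `max_errors` should stay small relative to `length`, since every allowed edit enlarges the set of strings that pass.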
Various methods of authentication based on the CAPTCHA concept have been proposed.
U.S. Pat. No. 7,266,693 to Potter et al. entitled “Validated mutual authentication”, proposes use of fractal images in authentications. In this method, a user selects a fractal image, from among a plurality of fractal images, during an authentication process. In subsequent transactions, the user is required to select that same fractal image, from among a plurality of fractal images, to authenticate her/him.
U.S. Pat. No. 7,200,576 to Steeves et al. entitled “Secure online transactions using a captcha image as a watermark” generally relates to techniques for conducting secure online transactions using CAPTCHA images as watermarks.
U.S. Pat. No. 7,197,646 to Fritz et al. entitled “System and method for preventing automated programs in a network” is generally directed at diminishing the use of automated programs in a networked environment. A server provides a client computer with a visual test upon a request transmitted through a network by the client computer to the server. The visual test requires the client computer to perform a predetermined action on a shaped object displayed on a video display in order to gain access to the server.
U.S. Pat. No. 7,149,899 to Pinkas et al. entitled “Establishing a secure channel with a human user” is generally directed at a method of establishing a secure channel between a human user and a computer application. In this approach, a host system uses a randomly selected identifier to authenticate the user. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. If the user correctly identifies the identifier, the user is granted access to the host system.
U.S. Pat. No. 7,149,801 to Burrows et al. entitled “Memory bound functions for spam deterrence and the like” discloses a method for preventing abuse of a resource on a computer network by use of some memory-bound functions.
U.S. Pat. No. 7,139,916 to Billingsley et al. entitled “Method and system for monitoring user interaction with a computer” is generally directed at monitoring interaction between a user and a computer using an image including random reference data readable by the user.